Enhancement #648
Updated by Marc Dequènes over 4 years ago
Please update the TODOs below and add a note to comment on the progress. Identified oneshot changes: * -add buster in our repo and check if packages needs to be ported- (spoolinger is done, lxd needs more work, nothing else needs porting) * Migrating from legacy network interface names: see https://www.debian.org/releases/buster/amd64/release-notes/ch-information.en.html#migrate-interface-names * /usr is now merged by default and most softwares expect path to be updated: there is no reason to diverge from the Debian installation and that would cause annoying config changes; installing the `usrmerge` package solves it ** -molly-guard problems (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930131)- (molly-guard and usrmerge backported in our repo) * SysV init related packages no longer required: apt purge initscripts sysv-rc insserv startpar * PostgreSQL databases need to be reindexed: sudo -u postgres reindexdb --all Identified deployment changes: * -hidepid hidepid with systemd and polkit: see https://wiki.debian.org/Hardening#Mounting_.2Fproc_with_hidepid- https://wiki.debian.org/Hardening#Mounting_.2Fproc_with_hidepid * -install debian-security-support- install debian-security-support Problematic softwares: * phpmyadmin: not in Buster but still in Debian; I see a "RFA":https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879741 with work towards newer versions but that requires many new dependencies, thus a backport of the latest 4.6.6 in our repo seems to be the way to go as I don't think an official backport is going to happen * ftp-ssl: still in Debian but missing in Buster because it was not ready for openssl 1.1; 0.17.34+0.2-4.1 contains a patch and could be backported in our repo (unless it comes in Debian first)